- From: Takuya Mori <tk-mori@isd.nec.co.jp>
- Date: Thu, 11 Oct 2001 19:00:11 +0900
- To: merlin@baltimore.ie
- Cc: w3c-ietf-xmldsig@w3.org
Hi merlin,
Thank you for your clarification.
merlin said:
> Indeed,see section 3.1.2 of the processing rules (signature
> generation):
>
> " Note, if the Signature includes same-document references, [XML] or
> [XML-schema] validation of the document might introduce changes that
> break the signature. Consequently, applications should be careful
> to consistently process the document or refrain from using external
> contributions (e.g., defaults and entities). "
>
> [ http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html ]
>
> This clearly states that parsing of the signature document
> itself is application-specific, and may be validating or well
> formed.
I skipped over the note you cited.
----
Takuya Mori
moritaku@bx.jp.nec.com / tk-mori@isd.nec.co.jp
Internet Solution Platform Development Div.,
NEC Solutions, Tokyo Japan
Received on Thursday, 11 October 2001 06:00:24 UTC